Part of living on the bleeding edge of technology is always looking for that better mouse trap. Needs and circumstances change along with the climate we live in, these things drive evolutionary product innovations and robust competition. No service or offering is perfect so there are always concessions to be made but as long as you aren’t stepping backwards, technological change can be a good thing. I previously wrote about a potential shift from Dropbox to Box, but due to a fatal flaw in the Box offering I moved away from that ledge. (With the Box.net Sync v4 client, this is purportedly fixed, finally, although I haven’t tested. Even still, Box = unsecure cloud storage since they encrypt contents with private keys they own. Tresorit started with a very strong launch but is now imposing limits that make the offer much less compelling. Read on for more info.

So what’s wrong with Dropbox? Honestly, not much, it is the feature/ functionality yard stick that all other cloud storage providers measure themselves against. The 2 big pain points I see are free storage space and security. It has become relatively easy to get 50GB on competing platforms, so Dropbox providing a meager 2GB with opportunities to increase it to ~20GB with referrals on the high side, is paltry. That said, Tresorit looks to be matching the 16GB possible extra referral space which will net them 3GB more total in the end.Secondly, beyond SSL + 2-factor authentication to access your Dropbox, you are on your own for securing your contents which ultimately reside in the Amazon S3 cloud. Although Dropbox claims to encrypt your files in the S3 cloud, this has proven to be exploitable and remains a problem for them today. Tresorit looks hopeful on solving both of these problems while providing the majority of the interesting features native to Dropbox.

What is Tresorit?

Tresorit is another contender in the cloud storage category with a heavy emphasis on security. Security is the first and foremost consideration of Tresorit, not an afterthought (see the whitepaper link at the bottom). A quick overview of the related nomenclature before we go deeper:

Tresorit (“Treasure It”) is the holistic cloud storage solution centered around protecting personal data in transit and at rest in the cloud.

Tresors are individual folders that have been client-side encrypted and synced up to the cloud.

The technique employed here is very similar to what LastPass does where all data is encrypted client side using a strong secret password and only the encrypted data is sent up to the cloud using secure channels. Tresorit never has your password so only you or those you explicitly share with can unencrypt your data via the Tresorit client. The communication channels use SSL/TLS but the security of this solution does not depend upon it as your data package itself is encrypted. Shared Tresors are decrypted client-side to the people you have expressly allowed access. Important to note that your files are not encrypted locally at rest on disk, they are only encrypted when synced up to the cloud.

Everything happens via the Tresorit client which must be installed on your PC or mobile device. There is no web portal to log into. Account registration and referral processing also happen via the client. Once installed, start creating new Tresors by connecting to any folder anywhere in your local file system. This is one of the cool things about Tresorit: many buckets, not just one like Dropbox. Although I have admittedly grown accustomed to keeping all things cloud in a single folder. Each Tresor will then be encrypted and sent up to the cloud.

Tresorit also handles selective syncing very intuitively: all Tresors disconnected by default. You choose what to sync on which clients simply by choosing to connect to the Tresor you would like to pull down on a given device. I have a 70GB account which is nearly 4x what my Dropbox account is so it is nice that I can selectively connect/disconnect those buckets as I see fit. Dropbox provides selective sync for top-level folders 1 level below the root Dropbox folder. Functionally no different, but Tresorit’s method is cleaner.

Any Tresor can be securely shared with anyone you like with 3 simple permissions to attach to each invitee.

Any Tresor can be individually disconnected or deleted from the cloud or sync stopped. This is an improvement over the Dropbox offering. Sync can also be disabled globally too, of course. Disconnecting a Tresor from the PC or deleting a Tresor from the cloud does not delete the files locally.

On the mobile side, Tresorit also supports seamless mobile camera uploads, just like Dropbox, which is an awesome feature. Not having a web portal to access your files, however, not only requires you to install Tresorit but to connect and download a full Tresor before you can manipulate any files within it. If you have a space limited device this can prove challenging for obvious reasons. If you have an Anrdoid or IOS device, the Tresorit client on those platforms will allow more granular manipulation without having to first download a full Tresor. You can delete individual files or send a file which will trigger a download, but for that file only. It seems like the same functionality should be eventually brought to the desktop client as well at some point.

New Features (*updated 3/24/14)

Encrypted links allow you to securely share any individual file in any Tresor. Free users are limited in both the number of links that can be created but also how many times each can be downloaded. Not tremendously different than Dropbox’s sharing mechanism but secure and severely more limited.

File activity can now be viewed from within the Tresorit desktop or mobile client. Encrypted links can be generated for the latest version of any active file, however deleted or prior versions cannot be viewed or retrieved.

Plans

There are paid plan options just like all of these types of services but keep in mind the limitations of the free version (which have sadly increased in Q1 of 2014). New limitations have been introduced around the number of devices you can use, monthly traffic, bandwidth speeds and the number of people you can share with (down to 5 from 10). The device limit alone is now a deal breaker for me, maybe not for you.

Disconnected Tresor sync

To prove that Tresorit could handle a net new file within an incomplete Tresor sync from a disconnected Tresor I performed the following test:

Disconnect a Tresor folder with incomplete content (only 50% downloaded from the cloud)

This performed flawlessly. The PC that had the Tresor with the 50% sync picked up where it left off (despite the Tresorit client being uninstalled/ reinstalled) and successfully pushed up the new file to the other PCs connected to the same Tresor. This is logical and exactly how it should work. Box couldn’t do this (maybe still can’t) which was their fatal flaw and why I felt compelled to test this here.

The one issue that popped up during this test was the fact that when reinstalling the client, it automatically logged into the same account with no prompt for credentials. This is obviously a serious problem if you ever wanted to install Tresorit at a friend or family member’s house to access a file, then uninstall thinking your account is safe. I contacted Tresorit about this and they said the issue will be resolved in the next release. As a precaution, manually logging out of the client before uninstalling would be a prudent step to protect your account.

What Tresorit does well

Auto-encrypt and sync any folder anywhere on your Mac/PC to the cloud. (not just a single bucket like Dropbox)

Multi-client sub-folder sync

Granular selective folder sync enabled by default

5GB space for free users (>2x more than Dropbox), bonus referrals of 16GB, opportunities to get 50GB+ (Gone for now)

Robust mobile client for Android/IOS that includes camera uploads, selective local caching, and passcode lockout

Actual support! – That’s right, you can open a support request with Tresorit and actually expect an email back in a reasonable time. The staff seems genuinely interested in helping.

Where Tresorit falls short

Limitations – Number of devices that can access an account, download, bandwidth and sharing.

No web portal: Tresorit provides no web portal through which you can access your files. If this is possible with LastPass, also client-side encrypted, it should be possible here.

Full folder download required: Full Tresor download is required to manipulate files on the PC client. Mobile client provides more granularity being able to access, delete or send individual files without downloading full Tresor folder. This applies to sharing as well which is a hassle to have to download 100% of all files in a given Tresor.

No deleted files protection: There is no mechanism to retrieve deleted files today but the activity mechanism, currently in beta, may be an indication this is coming.

No device management: There is no way to manage the multiple devices you have permitted to access your Tresorit account. If you lost your phone, for example, the only recourse you have right now is changing your password.

No MS Office file previews: There is no mobile MS Office file preview which is something only Box does right now. I really like this feature and hope it makes it in at some point.

500GB file limits + 20 top-level folder max on free accounts

There is no way (that I see) to change the master password once it’s been set (As of v0.8.100.133, there is!)

No LAN sync – very nice Dropbox feature if you use multiple PCs as it copies bit via the LAN faster than pulling everything down from the cloud.

Timed syncs – Tresorit syncs appear to operate on a timed schedule so are not change aware nor are they instantaneous. Opening the client manually will trigger the sync operation.

No password recovery – This could go in either bucket really depending on where you stand. Bottom line, if you forget your password, kiss your Tresorit account and all data within goodbye.

Camera uploads are broken on Android as of 1/5/14. This worked for a short time on a previous build but the Tresorit team appears to be struggling with this one. I’ve re-enabled my Dropbox account for this purpose alone until this gets sorted out.As of 2/21/14, this is working for me!

Off to a good start at first, now wait and see

After several days months of exclusive Tresorit use across multiple devices, I really have no didn’t have too many complaints. The majority of the core features I need are there. PC client syncs are not as snappy as they should be. Dropbox clients keep a persistent connection open to dropbox.com and all other LAN sync clients, so file changes sync almost immediately. Tresorit uses timed syncs which establish and tear down the sync session every time. To force a local sync early, you have to actually open the client which triggers an update operation. I don’t like this. On the other hand, I do feel like my data is secure and I have a huge storage footprint that I can grow further with referrals. This I like. New limitations introduced in 2014 have me rethinking how far I can go with Tresorit now. Of course, if a fatal flaw rears its head, I’ll tuck my tail and crawl back to Dropbox but so far I have no reason to see that happening. Working across several devices daily, I live in my cloud storage so this is important to me and having it secure without taking additional steps is a huge bonus. I’m now debating my options which include Box, Dropbox, Tresorit and Sync.

Feel free to use my referral link if you want to check out Tresorit with some free bonus space: Link

5 comments:

A few comments on functionality:1 - Dropbox sync's incremental changes to a file, so a small change to a 500MB file will only sync the change. This is a big win for Outlook PST files and for encrypted TruCrypt files, which both work fine.2 - It would be great if both offered the mobile device option to sync a folder, In Tresorit that would be to make a folder a favorite. It is a pain to remember to sync all files necessary for offline work before going offline. 3 - These tools provide a lot of value, if you expect file rollback, disaster recovery capability, great sync functionality, multi-client desktop and mobile client coverage and support, I don't expect all of this functionality for free.

Thanks for the excellent summary of Tresorit functionality. Given Dropbox's recent changes to ToS, I'm definitely looking for alternatives, so this was very useful to me. I like the approach to encryption here, but the timed syncing is a deal-breaker if it creates issues for distributed teams who are rapidly versioning project files. And I definitely must have camera auto-uploads to the cloud.

Tresorit now shows on their site that there is a "3 device" limit for free accounts.... That severely limits its usability, when you consider that for many of us, a tablet and a phone would take two of those three devices. They also have a limit on monthly data transfer. 2 - 20 GB of Dropbox storage, that I can actually use *anywhere* is better than the 65 GB I have with Tresorit that has all sorts of limitations.

Ugh, you're right. I'll update the post to show the new limitations. They are hobbling free users for business customers. I agree with your assessment as well, this makes Tresorit FAR less useful for me personally.

Be very careful with Tresorit. After downgrading I was charged again, they answered I´d have my money back but they charged again the next month with a plan that I didn´t have asked. After many mails to the support service.... no answer. Be very careful with them if you don´t want be tricked.